7.2
CVE-2021-33157
- EPSS 0.04%
- Veröffentlicht 23.02.2024 21:15:09
- Zuletzt bearbeitet 09.01.2026 19:50:08
- Quelle secure@intel.com
- CVE-Watchlists
- Unerledigt
LoginInsufficient control flow management in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intel ≫ Ethernet Controller I225-it Firmware Version < 1.87
Intel ≫ Ethernet Controller I225-lm Firmware Version < 1.87
Intel ≫ Ethernet Controller I225-v Firmware Version < 1.87
Intel ≫ Ethernet Adapter Complete Driver Version < 29.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.116 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@intel.com | 7.2 | 0.8 | 5.8 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H
|
CWE-691 Insufficient Control Flow Management
The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.